Morrisons faces legal action over payroll data leak

Morrisons is facing legal action from a group of employees over a data breach that resulted in the leaking of salary, bank and national insurance details of 99,998 members of staff.

The supermarket is facing claims from over 2,000 members of staff after Andrew Skelton, who was a senior internal auditor at Morrisons’ Bradford head office, took payroll information and sent staff details to newspapers and placed it on data sharing websites.

Skelton is currently serving a prison sentence of eight years for the data theft following a trial at Bradford Crown Court.

Speaking during Skelton’s sentencing in July, David Holderness, reviewing lawyer at the complex casework unit, Crown Prosecution Service Yorkshire and Humberside, said: “Andrew Skelton was in a position of considerable trust with access to confidential personal information as senior internal auditor at Morrisons.

“He abused this position by uploading this information, which included employees’ names, addresses and bank account details, onto various internet websites.

“Andrew Skelton’s motive appears to have been a personal grievance over a previous incident where he was accused of dealing in legal highs at work.”

Nick McAleenan, data privacy lawyer at JMW Solicitors, which is representing the claimants, said: “My clients’ position is that Morrisons failed to prevent a data leak which exposed tens of thousands of its employees to the very real risk of identity theft and potential loss. In particular, they are worried about the possibility of money being taken from their bank accounts and, in the case of younger clients, negative consequences for their credit rating.”

A spokesperson for Morrisons stated: “We are contesting this case. We are not accepting liability for the actions of a rogue individual.

“We can confirm we are not aware that anybody suffered any financial loss from this breach.”